Hallo,
folgendes Problem:
Immer wenn ich den Firefox (Version 2.0) starte, öffnet sich dazu ein Internet Explorer (Version 6.0.28x) Fenster, in dem Werbung angezeigt wird.
Beispiel Screenshot 1
Beispiel Screenshot 2
Zudem öffnet sich auch solch ein Fenster, wenn ich nur Outlook starte und es über den Router ins Internet zugreift.
Ich habe Ad-Aware, Spybot und Counterspy über das System laufen lassen. Alle drei haben nichts gefunden.
Ich hoffe mir kann jemand helfen!
Danke!
think
Logfile of HijackThis v1.99.1
Scan saved at 14:04:08, on 05.12.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Software\Sicherheit\Backup\PowerQuest Drive Image 7.0\Agent\PQV2iSvc.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Dit.exe
C:\Treiber\Laserdrucker\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Treiber\Laserdrucker\HP\HP Software Update\HPWuSchd2.exe
C:\Software\Sicherheit\Antispy\CounterSpy\sunserver.exe
C:\WINDOWS\DitExp.exe
C:\Treiber\Logitech\Profiler\lwemon.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Treiber\Tastatur\Logitech-Tastatur-Maus\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE
C:\Software\Sicherheit\Antispy\CounterSpy\SunProtectionServe r.exe
C:\Software\Sicherheit\Antispy\CounterSpy\sunThreatEngine.ex e
C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\guard.exe
C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\avgas.exe
C:\Software\DOKUME~1\MICROS~1\OFFICE11\OUTLOOK.EXE
C:\Software\Dokumentenprogramme\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Software\Internet\Browser\Mozilla Firefox\firefox.exe
C:\Software\Internet\Chatprogramme\Trillian3pro\trillian.exe
C:\Software\Sicherheit\Antispy\hijackthis_199\HJT1991.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.arcor.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.arcor.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Software\SICHER~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Programme\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [kav] "C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Treiber\Laserdrucker\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /systrayIcon:on
O4 - HKLM\..\Run: [HP Software Update] C:\Treiber\Laserdrucker\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [browse enc boob bend] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\find help browse enc\Forkgrid.exe
O4 - HKLM\..\Run: [SunServer] C:\Software\Sicherheit\Antispy\CounterSpy\sunserver.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Treiber\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Baitfast] C:\DOKUME~1\Alex\ANWEND~1\OOZESA~1\Dashcool.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Alles mit Net Transport herunterladen - C:\Programme\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Herunterladen mit Net Transport - C:\Programme\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Software\DOKUME~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Software\Tuning\Internet\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll
O9 - Extra 'Tools' menuitem: Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Software\Internet\CHATPR~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Software\Internet\CHATPR~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Software\DOKUME~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra button: MedionShop - {36AF14E3-8E6A-413E-A01F-360900AD6802} - http://www.medionshop.de (file missing) (HKCU)
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Software\Tuning\Internet\Flash Saving Plugin\FlashSButton.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.de
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120593288687
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1123544260187
O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouplo...toUploader.cab
O18 - Protocol: bw+0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: offline-8876480 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\GEMEIN~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: V2i Protector - PowerQuest Corporation - C:\Software\Sicherheit\Backup\PowerQuest Drive Image 7.0\Agent\PQV2iSvc.exe
Geändert von think (05.12.2006 um 13:05 Uhr)
Zwecks Verknüpfung:
Ich habe scheinbar ein ähnliches, wenn nicht das selbe Problem (siehe Screenshot 2).
http://forum.hijackthis.de/showthread.php?t=20500
Wie muss ich vorgehen?
Hallo think
und Herzlich Willkommen
Bevor wir Dir helfen können, benötigen wir einige Informationen,also machts du folgendes:
Einstellen der Ordner Optionen:
kannst du alles auf deinem Rechner sehen? Überprüfe deine Einstellungen.
Im Windows-Explorer:
>Extras >Ordneroptionen >den Reiter "Ansicht" >Versteckte Dateien und Ordner >"alle Dateien und Ordner anzeigen" aktivieren und >Extras >Ordneroptionen >den Reiter "Ansicht" >Dateien und Ordner >"Geschützte Systemdateien ausblenden (empfohlen)" deaktivieren.
- Lade das filelist.zip auf deinen Desktop herunter.
- entpacke die Zip-Datei auf deinen Desktop (kostenlose Zip-Tools)
- starte deinen Rechner neu auf
- öffne die nun auf deinem Desktop vorhandene filelist.bat mit einem Doppelklick auf die Datei
- dein Editor (Textverarbeitungsprogramm) wird sich öffnen
- markiere von diesem Inhalt aus jedem Verzeichnis jeweils die letzten 30 Tage, wähle kopieren, füge diese Dateien deinem nächsten Beitrag an
- Ein dickes Dankeschön an unseren Moderator Karl83 für die filelist.bat (Anleitung)
Dies sind die Verzeichnisse von denen wir jeweils die letzten 30 Tage sehen wollen:
C:\
C:\WINDOWS\System32
C:\WINDOWS
C:\WINDOWS\Prefetch
C:\WINDOWS\tasks
C:\WINDOWS\Temp
C:\DOCUME~1\Name\LOCALS\~1\Temp
Gruß
Argos
----- Root -----------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\
05.12.2006 16:54 43 filelist.txt
05.12.2006 16:50 1.073.270.784 hiberfil.sys
05.12.2006 16:50 1.610.612.736 pagefile.sys
11.11.2006 10:11 194 boot.ini
10.11.2006 17:21 2.782 LGSInst.Log
40 Datei(en) 3.275.294.009 Bytes
0 Verzeichnis(se), 13.043.257.344 Bytes frei
----- System32 -------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\WINDOWS\system32
05.12.2006 16:52 1.158 wpa.dbl
05.12.2006 16:52 22.571 nvapps.xml
22.11.2006 23:17 336.256 FNTCACHE.DAT
21.11.2006 23:00 0 WCp64log.dll
21.11.2006 22:17 199 msiexec.log
21.11.2006 22:16 165 AddPort.ini
10.11.2006 17:43 98.304 CmdLineExt.dll
08.11.2006 02:38 10.342.824 MRT.exe
29.10.2006 11:52 376.968 perfh009.dat
29.10.2006 11:52 51.376 perfc009.dat
29.10.2006 11:52 387.716 perfh007.dat
29.10.2006 11:52 62.114 perfc007.dat
29.10.2006 11:52 888.100 PerfStringBackup.INI
25.10.2006 19:15 65.536 QuickTimeVR.qtx
25.10.2006 19:15 49.152 QuickTime.qts
2228 Datei(en) 476.737.532 Bytes
0 Verzeichnis(se), 13.043.130.368 Bytes frei
----- Prefetch -------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\WINDOWS\Prefetch
05.12.2006 16:54 27.656 CMD.EXE-087B4001.pf
05.12.2006 16:53 49.614 KHALMNPR.EXE-02CB1A33.pf
05.12.2006 16:53 20.594 LOGITECHUPDATE.EXE-245A05B5.pf
05.12.2006 16:53 48.460 LULNCHR.EXE-071E00FB.pf
05.12.2006 16:53 49.662 SETPOINT.EXE-24B57250.pf
05.12.2006 16:53 24.542 REGSVR32.EXE-25EEFE2F.pf
05.12.2006 16:53 58.256 CSC.EXE-1113BFA6.pf
05.12.2006 16:53 5.808 CVTRES.EXE-13DEB540.pf
05.12.2006 16:53 68.212 SUNTHREATENGINE.EXE-3113E70A.pf
05.12.2006 16:53 46.006 COUNTERSPY.EXE-1EE7F19B.pf
05.12.2006 16:53 87.358 IEXPLORE.EXE-2CA9778D.pf
05.12.2006 16:53 19.462 RUNDLL32.EXE-451FC2C0.pf
05.12.2006 16:53 21.772 DASHCOOL.EXE-11C4181A.pf
05.12.2006 16:53 41.666 WMIPRVSE.EXE-28F301A9.pf
05.12.2006 16:53 23.228 LWEMON.EXE-09674BB4.pf
05.12.2006 16:53 42.730 WGATRAY.EXE-0ED38BED.pf
05.12.2006 16:52 29.982 FORKGRID.EXE-3503F907.pf
05.12.2006 16:52 31.710 HPTLBXFX.EXE-18297B1C.pf
05.12.2006 16:52 31.742 DITEXP.EXE-205A659C.pf
05.12.2006 16:52 14.528 HPWUSCHD2.EXE-337E5F87.pf
05.12.2006 16:52 26.812 SUNSERVER.EXE-375251BD.pf
05.12.2006 16:52 31.206 DIT.EXE-08CE4330.pf
05.12.2006 16:52 18.828 SOUNDMAN.EXE-19745A34.pf
05.12.2006 16:52 67.422 AVP.EXE-19177B43.pf
05.12.2006 16:52 32.790 IMAPI.EXE-0BF740A4.pf
05.12.2006 16:52 5.374 KHALMNPR.EXE-098E13FC.pf
05.12.2006 16:52 21.434 RUNDLL32.EXE-15E942E0.pf
05.12.2006 16:52 24.370 RUNDLL32.EXE-48D6C6FA.pf
05.12.2006 16:52 33.714 SUNPROTECTIONSERVER.EXE-0F118076.pf
05.12.2006 16:52 51.124 WUAUCLT.EXE-399A8E72.pf
05.12.2006 16:48 23.666 LOGONUI.EXE-0AF22957.pf
05.12.2006 16:48 31.052 FORKGRID.EXE-100187F0.pf
05.12.2006 16:42 26.574 FIREFOX.EXE-33220279.pf
05.12.2006 16:29 71.524 WINWORD.EXE-2BE387F1.pf
05.12.2006 16:09 42.172 NOTEPAD.EXE-336351A9.pf
05.12.2006 16:06 48.930 WINACE.EXE-0B579377.pf
05.12.2006 16:06 24.124 VERCLSID.EXE-3667BD89.pf
05.12.2006 16:05 89.774 EXPLORER.EXE-082F38A9.pf
05.12.2006 16:00 32.650 INTER OBJ IDLE.EXE-2D5A144D.pf
05.12.2006 15:38 101.984 OUTLOOK.EXE-1A0BF3EB.pf
05.12.2006 15:36 52.556 TRILLIAN.EXE-3307D42E.pf
05.12.2006 15:31 77.146 MOVIETHUMB.EXE-10AF2D8B.pf
05.12.2006 15:29 37.376 PICASAUPDATE.EXE-3B936E42.pf
05.12.2006 15:29 79.618 PICASA2.EXE-02907A61.pf
05.12.2006 14:00 95.666 TRILLIAN.EXE-365BEC49.pf
05.12.2006 13:39 24.056 SNDVOL32.EXE-383480B7.pf
05.12.2006 12:58 95.694 WMPLAYER.EXE-0996933B.pf
05.12.2006 12:36 19.560 RUNDLL32.EXE-268BFF96.pf
05.12.2006 12:16 86.546 HELPSVC.EXE-2878DDA2.pf
05.12.2006 12:14 87.550 IEXPLORE.EXE-0DFD7EC0.pf
05.12.2006 12:11 16.138 RUNDLL32.EXE-2C77A9D5.pf
05.12.2006 12:11 56.276 PHOTOSHOP.EXE-39091FC0.pf
05.12.2006 10:59 13.992 WMIAPSRV.EXE-1E2270A5.pf
05.12.2006 10:59 74.244 POWEROFPOLITICSCLIENT.EXE-2759F346.pf
05.12.2006 02:30 6.606 DUMPREP.EXE-1B46F901.pf
05.12.2006 01:40 47.080 ACRORD32INFO.EXE-30CEC19C.pf
05.12.2006 00:56 49.164 CLIENT_2.0.3.EXE-201D63C8.pf
05.12.2006 00:22 82.590 ACRORD32.EXE-0EC716D9.pf
04.12.2006 23:12 25.912 @UOSU.EXE-09214C61.pf
04.12.2006 21:59 81.054 EXCEL.EXE-182E2B81.pf
04.12.2006 21:13 71.260 FIREFOX.EXE-270CE025.pf
04.12.2006 21:02 93.276 POWERCINEMA.EXE-1D3E8A0E.pf
04.12.2006 18:35 75.426 ICQ.EXE-042D10F3.pf
04.12.2006 17:55 89.686 WMPLAYER.EXE-09969339.pf
04.12.2006 17:32 29.324 TASKMGR.EXE-20256C55.pf
04.12.2006 17:21 56.782 OFFPROV.EXE-0375286F.pf
04.12.2006 15:41 29.924 MSPAINT.EXE-11CBB631.pf
04.12.2006 12:03 450.154 Layout.ini
03.12.2006 20:45 86.616 DFRGNTFS.EXE-269967DF.pf
03.12.2006 20:45 12.886 DEFRAG.EXE-273F131E.pf
03.12.2006 17:58 42.516 POWERPNT.EXE-026A7123.pf
03.12.2006 17:21 81.884 EXPORTCONTROLLER.EXE-2AE60AF2.pf
03.12.2006 17:21 83.274 QUICKTIMEPLAYER.EXE-1683395B.pf
03.12.2006 15:30 60.500 AUTOROUT.EXE-08751E86.pf
03.12.2006 13:50 16.222 NETPUMPER-1.25.1-SETUP-NP_016-14E1FB68.pf
03.12.2006 13:50 29.564 INSF.TMP-050E565F.pf
03.12.2006 03:07 28.714 RUNDLL32.EXE-2C164A74.pf
03.12.2006 02:13 39.062 AD-AWARE.EXE-0F563CF3.pf
03.12.2006 00:00 51.512 NETTRANSPORT.EXE-0EEB9D31.pf
02.12.2006 23:44 13.388 SYSTRAY.EXE-345DCC1C.pf
02.12.2006 23:43 26.052 RUNDLL32.EXE-1E219C16.pf
02.12.2006 23:40 52.466 TEAMSPEAK.EXE-22A2201D.pf
02.12.2006 23:29 47.090 FLASHFXP.EXE-2C39369E.pf
02.12.2006 23:19 143.124 MSIEXEC.EXE-2F8A8CAE.pf
02.12.2006 23:18 75.246 RUNDLL32.EXE-2E0FDD21.pf
02.12.2006 22:51 46.014 REGMECH.EXE-032827DF.pf
02.12.2006 19:52 28.176 RUNDLL32.EXE-2E5AF1D7.pf
02.12.2006 18:39 64.744 JASP.EXE-3715FA40.pf
02.12.2006 18:39 30.102 JEDIACADEMY.EXE-3317AE8C.pf
02.12.2006 18:22 31.220 JEDIACADEMY.EXE-02CD60C2.pf
02.12.2006 18:22 5.416 AUTORUN.EXE-07306734.pf
02.12.2006 18:22 5.416 AUTORUN.EXE-055703AF.pf
02.12.2006 18:22 5.416 AUTORUN.EXE-0B15695B.pf
02.12.2006 18:22 4.982 AUTORUN.EXE-0B973CD9.pf
02.12.2006 17:48 37.048 RUNDLL32.EXE-3DFC84FB.pf
02.12.2006 17:47 33.056 RUNDLL32.EXE-3D7224A0.pf
02.12.2006 17:36 20.934 GLB1A2B.EXE-277B5EED.pf
02.12.2006 17:36 25.798 UNWISE.EXE-3952392F.pf
02.12.2006 17:36 3.366 UPDATEINST.EXE-1E15D33F.pf
02.12.2006 17:36 20.972 LAUNCHER.EXE-2B5D1EE6.pf
02.12.2006 16:52 85.988 SPYBOTSD.EXE-1AC805B6.pf
02.12.2006 16:51 17.344 UPDATE.EXE-2E24204B.pf
02.12.2006 16:01 35.862 RUNDLL32.EXE-485CD3BD.pf
02.12.2006 16:01 9.098 CHCFG.EXE-06070F78.pf
02.12.2006 15:59 15.446 IPODSERVICE.EXE-233792DA.pf
02.12.2006 15:58 108.670 ITUNES.EXE-3B18CBF2.pf
02.12.2006 13:29 87.494 MSOHELP.EXE-0023D459.pf
02.12.2006 11:46 73.420 WSCRIPT.EXE-32960AB9.pf
02.12.2006 11:46 25.350 COUNTERSPY.EXE-23837AA7.pf
01.12.2006 11:10 31.764 HPRBUPDATE.EXE-33FC31B8.pf
01.12.2006 01:56 119.690 WMPLAYER.EXE-0996933A.pf
01.12.2006 01:07 29.626 WEBCOLCT.EXE-1A8A73ED.pf
30.11.2006 23:15 30.918 RUNDLL32.EXE-31610E45.pf
30.11.2006 17:32 35.694 DIVXSM.EXE-3407AB62.pf
30.11.2006 17:28 74.982 VLC.EXE-0694D136.pf
30.11.2006 14:44 56.680 LOGOX4.EXE-094BD0F1.pf
30.11.2006 14:36 20.308 DRWTSN32.EXE-2B4B52AC.pf
30.11.2006 12:38 11.830 USERINIT.EXE-30B18140.pf
30.11.2006 12:01 76.218 WMPLAYER.EXE-0996933C.pf
30.11.2006 12:01 23.862 REALONEMESSAGECENTER.EXE-0A4B9E3A.pf
30.11.2006 12:00 21.048 REALSCHED.EXE-0A2A7558.pf
30.11.2006 12:00 25.972 RPHELPERAPP.EXE-1B8E3E75.pf
30.11.2006 12:00 43.308 REALPLAY.EXE-340274A5.pf
28.11.2006 16:13 20.190 SH.EXE-23FE5A73.pf
28.11.2006 16:12 88.440 CSCRIPT.EXE-1C26180C.pf
28.11.2006 10:43 36.014 KONFABULATOR.EXE-368042CA.pf
05.11.2006 13:07 26.208 FIREFOX.EXE-0F79186D.pf
12.10.2004 17:42 35.634 WINDOWSXP-KB828741-X86-DEU.EX-3644C835.pf
12.10.2004 17:17 30.394 WAOL.EXE-0A1BF4F5.pf
09.10.2002 18:07 428.054 NTOSBOOT-B00DFAAD.pf
130 Datei(en) 6.531.450 Bytes
0 Verzeichnis(se), 13.043.130.368 Bytes frei
----- Windows --------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\WINDOWS
05.12.2006 16:53 648.786 setupapi.log
05.12.2006 16:52 0 0.log
05.12.2006 16:51 1.312.079 WindowsUpdate.log
05.12.2006 16:50 50 wiaservc.log
05.12.2006 16:50 159 wiadebug.log
05.12.2006 16:50 2.048 bootstat.dat
05.12.2006 16:49 32.568 SchedLgU.Txt
05.12.2006 15:31 116 NeroDigital.ini
05.12.2006 03:44 2.297.200 ntbtlog.txt
03.12.2006 09:32 91.389 wmsetup.log
02.12.2006 16:00 60.416 ALCFDRTM.VER
23.11.2006 12:36 487 scummvm.ini
22.11.2006 14:25 25.307 MDAC28-KB911562-x86-DEU.log
22.11.2006 14:24 49.838 updspapi.log
21.11.2006 22:46 38.256 KB924191.log
21.11.2006 22:45 13.137 dahotfix.log
21.11.2006 22:38 63.167 dasetup.log
21.11.2006 22:38 4.335 ODBCINST.INI
21.11.2006 22:31 477 ODBC.INI
21.11.2006 22:26 93.911 hppins03.dat
21.11.2006 22:16 673 hpntwksetup.ini
11.11.2006 14:50 1.541 discwriter.log
11.11.2006 14:50 0 OrangeBurn.log
11.11.2006 10:23 86 KE.log
11.11.2006 10:23 81.800 KB893803v2.log
11.11.2006 10:22 222.706 setupact.log
11.11.2006 10:11 765 win.ini
11.11.2006 10:11 277 system.ini
10.11.2006 17:43 261.898 DirectX.log
09.11.2006 14:20 121 GEARInstall.log
05.11.2006 13:18 186 wininit.ini
04.11.2006 22:16 737.280 iun6002.exe
29.10.2006 15:03 12.065 mozver.dat
323 Datei(en) 27.166.171 Bytes
0 Verzeichnis(se), 13.043.122.176 Bytes frei
----- Tasks ----------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\WINDOWS\tasks
05.12.2006 16:50 6 SA.DAT
05.12.2006 16:00 260 B349AD939356297B.job
25.11.2006 20:10 276 AppleSoftwareUpdate.job
4 Datei(en) 607 Bytes
0 Verzeichnis(se), 13.043.122.176 Bytes frei
----- Wintemp --------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\WINDOWS\temp
05.12.2006 16:53 408 WGANotify.settings
05.12.2006 16:50 255 WGAErrLog.txt
05.12.2006 16:50 16.384 ~DFFC78.tmp
05.12.2006 12:19 16.384 ~DFF7E8.tmp
05.12.2006 10:45 16.384 ~DFF979.tmp
05.12.2006 03:55 16.384 ~DFF7FC.tmp
05.12.2006 03:48 16.384 ~DFF914.tmp
04.12.2006 21:17 16.384 ~DFFB3F.tmp
04.12.2006 17:06 16.384 ~DFF6BE.tmp
03.12.2006 13:42 16.384 ~DFF41D.tmp
02.12.2006 22:35 16.384 ~DFF63E.tmp
02.12.2006 18:18 16.384 ~DFF5BF.tmp
02.12.2006 09:46 16.384 ~DFF5CF.tmp
01.12.2006 10:07 16.384 ~DFF5D3.tmp
01.12.2006 02:27 16.384 ~DFF661.tmp
29.11.2006 12:06 16.384 ~DFF916.tmp
28.11.2006 21:55 16.384 Perflib_Perfdata_9a8.dat
28.11.2006 10:42 16.384 ~DFF511.tmp
27.11.2006 22:34 16.384 ~DFF5BB.tmp
27.11.2006 19:00 16.384 ~DFF4E8.tmp
27.11.2006 12:58 16.384 ~DFF5D7.tmp
26.11.2006 13:12 16.384 ~DFF5DF.tmp
25.11.2006 04:12 16.384 ~DFF5B2.tmp
24.11.2006 23:45 16.384 ~DF3F4.tmp
24.11.2006 14:09 16.384 ~DFF5D5.tmp
22.11.2006 23:18 16.384 ~DFE9C5.tmp
22.11.2006 16:44 16.384 ~DFF6AC.tmp
22.11.2006 13:35 16.384 ~DFF649.tmp
21.11.2006 22:47 16.384 ~DFF700.tmp
21.11.2006 22:37 16.384 ~DFF654.tmp
21.11.2006 22:22 16.384 ~DFEA14.tmp
21.11.2006 22:16 386 hpDevSing
21.11.2006 21:13 16.384 ~DFF5BD.tmp
21.11.2006 10:29 16.384 ~DFF555.tmp
20.11.2006 09:27 16.384 ~DFF2FB.tmp
19.11.2006 14:38 16.384 ~DFF475.tmp
18.11.2006 22:50 16.384 ~DFF462.tmp
18.11.2006 12:03 16.384 ~DFF47D.tmp
17.11.2006 12:32 16.384 ~DFF414.tmp
16.11.2006 13:28 16.384 ~DFF389.tmp
15.11.2006 23:49 16.384 ~DFF4A9.tmp
15.11.2006 09:30 16.384 ~DFF474.tmp
14.11.2006 20:35 16.384 ~DFF4CB.tmp
14.11.2006 10:39 16.384 ~DFF4F4.tmp
13.11.2006 10:54 16.384 ~DFF4CF.tmp
12.11.2006 12:16 16.384 ~DFF527.tmp
11.11.2006 11:31 16.384 ~DFF632.tmp
11.11.2006 10:50 16.384 ~DFF4B6.tmp
11.11.2006 10:38 16.384 ~DFF6A2.tmp
11.11.2006 10:06 16.384 ~DFF439.tmp
11.11.2006 09:29 16.384 ~DFF4D2.tmp
11.11.2006 02:50 16.384 ~DFF6C4.tmp
11.11.2006 02:34 16.384 ~DFE6F6.tmp
11.11.2006 02:14 16.384 ~DFE6CD.tmp
11.11.2006 02:07 16.384 ~DFE6E7.tmp
11.11.2006 01:40 16.384 ~DFF917.tmp
10.11.2006 17:25 16.384 ~DFF236.tmp
10.11.2006 17:08 16.384 ~DFEF31.tmp
10.11.2006 10:54 16.384 ~DFF238.tmp
09.11.2006 15:36 16.384 ~DFF31D.tmp
09.11.2006 09:54 16.384 ~DFF277.tmp
09.11.2006 00:15 16.384 ~DFF216.tmp
08.11.2006 20:15 16.384 ~DFF1E2.tmp
08.11.2006 09:44 16.384 ~DFF210.tmp
08.11.2006 02:00 16.384 ~DFF1A4.tmp
07.11.2006 00:15 16.384 ~DFF324.tmp
05.11.2006 13:21 16.384 ~DFE986.tmp
05.11.2006 00:27 16.384 ~DFF20B.tmp
04.11.2006 12:41 16.384 ~DFEEEF.tmp
04.11.2006 11:05 16.384 ~DFF0CC.tmp
03.11.2006 14:25 16.384 ~DFECE3.tmp
02.11.2006 15:19 16.384 ~DFEB8D.tmp
02.11.2006 07:26 16.384 ~DFF036.tmp
01.11.2006 18:25 16.384 ~DFF13F.tmp
01.11.2006 07:17 16.384 ~DFF078.tmp
31.10.2006 16:29 16.384 ~DFEE1E.tmp
31.10.2006 09:17 16.384 ~DFF09E.tmp
29.10.2006 11:48 16.384 ~DFF032.tmp
28.10.2006 14:18 8.192 cch~622228c2c.htp
28.10.2006 14:18 8.192 cch~6222296c4.htp
28.10.2006 14:09 8.192 cch~5b3ac9697.htp
28.10.2006 14:09 8.192 cch~5b3ac8dc3.htp
284 Datei(en) 707.533.546 Bytes
0 Verzeichnis(se), 13.043.105.792 Bytes frei
----- Temp -----------------------------
Datentr„ger in Laufwerk C: ist BOOT
Volumeseriennummer: 0000-0001
Verzeichnis von C:\DOKUME~1\Alex\LOKALE~1\Temp
05.12.2006 16:53 16.384 ~DF22CD.tmp
05.12.2006 16:52 32.768 ~DF57C4.tmp
05.12.2006 16:51 16.384 ~DF8EEF.tmp
05.12.2006 16:01 0 fla11C.tmp
05.12.2006 16:01 0 fla11B.tmp
05.12.2006 15:59 0 fla117.tmp
05.12.2006 15:59 0 fla111.tmp
05.12.2006 14:37 1.212.416 ~DF4591.tmp
05.12.2006 13:19 1.212.416 ~DFA9B0.tmp
05.12.2006 12:35 32.768 ~DF9EB.tmp
05.12.2006 12:35 16.384 ~DFD801.tmp
05.12.2006 12:34 49.152 ~DF289F.tmp
05.12.2006 12:19 32.768 ~DF413C.tmp
05.12.2006 12:19 16.384 ~DF7799.tmp
05.12.2006 12:11 1.303 TWAIN.LOG
05.12.2006 12:11 4 Twain001.Mtx
05.12.2006 12:11 156 Twunk001.MTX
05.12.2006 11:22 1.212.416 ~DF476D.tmp
05.12.2006 11:22 32.768 ~DFF31B.tmp
05.12.2006 11:21 16.384 ~DF7B95.tmp
05.12.2006 10:48 32.768 ~DFDF1E.tmp
05.12.2006 10:46 16.384 ~DF984F.tmp
05.12.2006 10:46 49.152 ~DF6FE1.tmp
05.12.2006 03:57 32.768 ~DFCB10.tmp
05.12.2006 03:57 16.384 ~DFEC1A.tmp
05.12.2006 03:57 49.152 ~DF4748.tmp
05.12.2006 03:51 32.768 ~DF13ED.tmp
05.12.2006 03:50 16.384 ~DF48F3.tmp
05.12.2006 02:36 0 fla11A.tmp
05.12.2006 02:35 0 fla119.tmp
05.12.2006 02:34 0 fla118.tmp
05.12.2006 02:31 0 fla116.tmp
05.12.2006 02:31 0 fla115.tmp
05.12.2006 02:29 0 fla112.tmp
05.12.2006 02:28 0 fla10F.tmp
05.12.2006 02:26 0 fla10D.tmp
05.12.2006 02:26 0 fla10C.tmp
05.12.2006 01:27 0 fla6A.tmp
05.12.2006 01:27 0 fla69.tmp
04.12.2006 21:18 32.768 ~DFEEB5.tmp
04.12.2006 21:17 16.384 ~DF74AC.tmp
04.12.2006 17:09 49.152 ~DF1685.tmp
04.12.2006 17:08 32.768 ~DFEF2C.tmp
04.12.2006 17:07 16.384 ~DF68DB.tmp
03.12.2006 18:10 163.840 ~DF1C26.tmp
03.12.2006 15:43 98.288 java_install_reg.log
03.12.2006 13:45 49.152 ~DFA7CF.tmp
03.12.2006 13:44 32.768 ~DF372D.tmp
03.12.2006 13:43 16.384 ~DF702E.tmp
03.12.2006 01:43 0 ~DF54.tmp
02.12.2006 22:37 49.152 ~DF99CE.tmp
02.12.2006 22:37 32.768 ~DFE5BD.tmp
02.12.2006 22:36 16.384 ~DF697D.tmp
02.12.2006 19:52 1.212.416 ~DFF7C8.tmp
02.12.2006 18:20 49.152 ~DFBCDB.tmp
02.12.2006 18:20 32.768 ~DFF967.tmp
02.12.2006 18:19 16.384 ~DF64D5.tmp
02.12.2006 17:40 1.212.416 ~DF1AB4.tmp
02.12.2006 17:36 1.212.416 ~DF4C77.tmp
02.12.2006 15:45 1.212.416 ~DF2752.tmp
02.12.2006 15:45 1.212.416 ~DFFB0A.tmp
02.12.2006 13:59 1.212.416 ~DFE3DF.tmp
02.12.2006 13:29 16.384 ~DFD842.tmp
02.12.2006 13:23 32.768 ~DF680E.tmp
02.12.2006 13:22 16.384 ~DF19AC.tmp
02.12.2006 13:22 1.015.808 ~DFCF51.tmp
02.12.2006 13:22 49.152 ~DF728D.tmp
02.12.2006 13:22 32.768 ~DF6157.tmp
02.12.2006 13:22 16.384 ~DF2EF.tmp
30.11.2006 14:34 0 fla1B6.tmp
30.11.2006 14:31 0 fla1B4.tmp
30.11.2006 14:31 0 fla1B3.tmp
30.11.2006 14:28 0 fla1AF.tmp
30.11.2006 14:28 0 fla1AE.tmp
30.11.2006 11:59 180 ram154.ram
30.11.2006 02:27 163.840 ~DF4873.tmp
30.11.2006 01:15 393.216 bisC2.exe
29.11.2006 22:24 16.384 ~DF7A74.tmp
29.11.2006 02:04 0 fla338.tmp
29.11.2006 02:02 0 fla336.tmp
28.11.2006 15:48 0 fla18D.tmp
27.11.2006 23:12 0 fla7D.tmp
27.11.2006 22:48 422 MSIcebbd.LOG
27.11.2006 22:37 16.384 ~DF797A.tmp
27.11.2006 19:02 16.384 ~DF27DC.tmp
27.11.2006 14:39 422 MSIb2070.LOG
27.11.2006 14:37 422 MSIb206f.LOG
27.11.2006 14:37 422 MSIb206e.LOG
27.11.2006 13:30 0 fla73.tmp
27.11.2006 13:27 0 fla71.tmp
27.11.2006 13:27 0 fla6B.tmp
27.11.2006 13:01 16.384 ~DFD064.tmp
25.11.2006 23:43 13.036 ICQ181.tmp
25.11.2006 19:01 37.385 IUJ_14175.tmp
24.11.2006 23:47 16.384 ~DFFCD2.tmp
24.11.2006 16:44 13.592 temp.ani
24.11.2006 14:12 16.384 ~DF758D.tmp
24.11.2006 10:57 0 Kon1DD.tmp
23.11.2006 21:20 109 Kon196.tmp
23.11.2006 18:36 0 fla175.tmp
23.11.2006 18:35 0 fla173.tmp
23.11.2006 17:50 0 Kon146.tmp
23.11.2006 17:41 16.384 ~WRF0004.tmp
22.11.2006 23:21 16.384 ~DF789.tmp
22.11.2006 17:01 59.964 Adobelm_Cleanup.0001
22.11.2006 16:50 16.384 ~DF3D1D.tmp
22.11.2006 16:46 16.384 ~DF55C9.tmp
22.11.2006 16:42 0 UDM6B.tmp
22.11.2006 16:39 16.384 ~DF88EA.tmp
22.11.2006 16:03 13.036 ICQDF.tmp
22.11.2006 15:45 12.807 ICQB3.tmp
22.11.2006 15:45 4.227 ICQB2.tmp
22.11.2006 15:44 11.539 ICQB1.tmp
22.11.2006 15:44 3.923 ICQB0.tmp
22.11.2006 15:44 12.615 ICQAF.tmp
22.11.2006 15:44 4.190 ICQAE.tmp
22.11.2006 13:44 156.614 Zukunft des Verkehrs.pdf
22.11.2006 13:38 16.384 ~DFA0FC.tmp
21.11.2006 22:51 16.384 ~DF2DA6.tmp
21.11.2006 22:41 16.384 ~DF73F3.tmp
21.11.2006 22:41 975 hputw7qa.out
21.11.2006 22:28 76.136 hpzpad001.htm
21.11.2006 22:28 1.548 hpzcdl001.log
21.11.2006 22:28 1.999 hpzpsl000.log
21.11.2006 22:26 2.970 hpzset004.log
21.11.2006 22:26 16.384 ~DF1A7A.tmp
21.11.2006 22:20 16.560 hpzset000.log
21.11.2006 22:20 1.006 hpzmsi017.log
21.11.2006 22:20 1.595 hpzmsi016.log
21.11.2006 22:20 767 hpzwrp001.log
21.11.2006 22:20 1.020 hpznop004.log
21.11.2006 22:20 1.115 hpzrcv003.log
21.11.2006 22:20 1.006 hpzmsi015.log
21.11.2006 22:20 1.183 hpzpnp004.log
21.11.2006 22:20 756 hpzwis002.log
21.11.2006 22:20 795 hpzarp006.log
21.11.2006 22:20 839 hpzset003.log
21.11.2006 22:20 1.534 hpzarp005.log
21.11.2006 22:20 1.476 hpzprl005.log
21.11.2006 22:20 1.238 hpzmsi014.log
21.11.2006 22:20 3.666 hpzmsi013.log
21.11.2006 22:20 190 hppMSI_Destinations.log
21.11.2006 22:19 472 hppMSI_Unload.log
21.11.2006 22:19 472 hppMSI_DeviceManagementQFolder.log
21.11.2006 22:19 838 hpzset002.log
21.11.2006 22:19 1.544 hpzarp004.log
21.11.2006 22:19 1.408 hpzprl004.log
21.11.2006 22:19 1.470 hpzmsi012.log
21.11.2006 22:19 4.431 hpzmsi011.log
21.11.2006 22:19 190 hppMSI_BufferChm.log
21.11.2006 22:19 284 hppMSI_SolutionCenter.log
21.11.2006 22:18 284 hppMSI_WebReg.log
21.11.2006 22:18 284 hppMSI_hpproductassistant.log
21.11.2006 22:18 472 hppMSI_eSupportQFolder.log
21.11.2006 22:18 1.122 hpzmsi010.log
21.11.2006 22:18 1.785 hpzmsi009.log
21.11.2006 22:18 226 hppMSI_HPSoftwareUpdate.log
21.11.2006 22:18 1.006 hpzmsi008.log
21.11.2006 22:18 1.466 hpzrcv002.log
21.11.2006 22:18 1.115 hpzrcv001.log
21.11.2006 22:18 839 hpzset001.log
21.11.2006 22:18 1.934 hpzmsi007.log
21.11.2006 22:18 3.071 hpzmsi006.log
21.11.2006 22:18 190 hppMSI_hppclj2605.log
21.11.2006 22:18 284 hppMSI_hppTLBXFX2605.log
21.11.2006 22:17 472 hppMSI_Product_SF_Full_QFolder.log
21.11.2006 22:17 1.565 hpzarp003.log
21.11.2006 22:17 2.441 hpzmsi005.log
21.11.2006 22:17 226 hppMSI_hppmanuals2605.log
21.11.2006 22:17 472 hppMSI_Product_SF_Min_QFolder.log
21.11.2006 22:17 1.565 hpzarp002.log
21.11.2006 22:17 2.588 hpzmsi004.log
21.11.2006 22:17 190 hppMSI_hpzTLBXFX.log
21.11.2006 22:17 472 hppMSI_CorePLS_Full_QFolder.log
21.11.2006 22:17 1.565 hpzarp001.log
21.11.2006 22:17 3.486 hpzmsi003.log
21.11.2006 22:17 190 hppMSI_hppWebRegMM.log
21.11.2006 22:17 284 hppMSI_hppFonts.log
21.11.2006 22:17 284 hppMSI_hppIOFiles.log
21.11.2006 22:16 284 hppMSI_CorePLS_Min_QFolder.log
21.11.2006 22:16 1.555 hpzarp000.log
21.11.2006 22:16 1.124 hpzprl003.log
21.11.2006 22:16 961 hpznop003.log
21.11.2006 22:16 1.163 hpzpnp003.log
21.11.2006 22:16 2.520 hpzdui000.log
21.11.2006 22:16 6.163 hpznet000.log
21.11.2006 22:16 731 hppnac01.log
21.11.2006 22:16 1.203 hppnicifs01.log
21.11.2006 22:16 21.964 BoiseNetWiz.his
21.11.2006 22:16 12.815 hpjsilg2.txt
21.11.2006 22:16 21 BoiseNetWiz.txt
21.11.2006 22:13 851 hpzfwx000.log
21.11.2006 22:13 2.005 hpzshl001.log
21.11.2006 22:13 1.163 hpzpnp002.log
21.11.2006 22:13 1.569 hpzmsi002.log
21.11.2006 22:13 226 hppMSI_PortMonitor.log
21.11.2006 22:12 1.688 hpzprl002.log
21.11.2006 22:12 1.513 hpzprl001.log
21.11.2006 22:12 1.804 hpznfx000.log
21.11.2006 22:12 1.619 hpzmsi001.log
21.11.2006 22:12 1.569 hpzmsi000.log
21.11.2006 22:12 992 hpzwis001.log
21.11.2006 22:12 737 hpzwis000.log
21.11.2006 22:11 1.061 hpzcdl000.log
21.11.2006 22:11 194.682 hpzshl000.log
21.11.2006 22:11 801 hpzwrp000.log
21.11.2006 22:11 1.311 hpzrcv000.log
21.11.2006 22:11 1.139 hpzprl000.log
21.11.2006 22:11 2.951 hpzsui000.log
21.11.2006 22:11 1.081 hpzgat001.log
21.11.2006 22:10 965 hpznop002.log
21.11.2006 22:10 983 hpznop001.log
21.11.2006 22:10 874 hpznop000.log
21.11.2006 22:10 3.121 hpzopt000.log
21.11.2006 22:10 8.292 hpzchk000.log
21.11.2006 22:10 757 hpzgat000.log
21.11.2006 22:09 2.486 hpzwup000.log
21.11.2006 22:08 1.408 hpzrei000.log
21.11.2006 22:08 1.016 hpzpsc000.log
21.11.2006 22:08 625 hpzpnp001.log
21.11.2006 22:07 620 hpzpnp000.log
21.11.2006 21:16 16.384 ~DF3976.tmp
21.11.2006 11:39 0 fla75.tmp
21.11.2006 11:32 0 fla72.tmp
21.11.2006 11:29 0 fla6F.tmp
21.11.2006 11:29 0 fla6D.tmp
21.11.2006 10:31 16.384 ~DFF5F.tmp
20.11.2006 11:18 0 flaA3.tmp
20.11.2006 11:15 0 flaA1.tmp
20.11.2006 11:15 0 flaA0.tmp
20.11.2006 11:15 0 fla9F.tmp
20.11.2006 11:15 0 fla9E.tmp
20.11.2006 11:15 0 fla9D.tmp
20.11.2006 11:15 0 fla9C.tmp
20.11.2006 11:14 0 fla9A.tmp
20.11.2006 11:14 0 fla97.tmp
20.11.2006 09:31 16.384 ~DFC4FB.tmp
18.11.2006 22:53 16.384 ~DF28B5.tmp
17.11.2006 17:08 0 Kon68.tmp
17.11.2006 12:35 975 mksd0qzj.out
16.11.2006 23:25 0 Kon98.tmp
16.11.2006 00:03 0 fla64.tmp
15.11.2006 23:59 0 fla62.tmp
15.11.2006 23:59 0 fla5F.tmp
15.11.2006 23:51 975 gvyqnisr.out
15.11.2006 01:07 0 flaB3.tmp
14.11.2006 10:42 16.384 ~DFAE62.tmp
12.11.2006 03:14 380.659 IUJ_47409.tmp
11.11.2006 23:43 0 flaD7.tmp
11.11.2006 23:41 0 flaD1.tmp
11.11.2006 23:04 12.841.064 SkypeSetup.exe
11.11.2006 22:06 16.384 ~DF335F.tmp
11.11.2006 14:14 31 searchurl.txt
11.11.2006 14:07 16.384 ~DFE7CE.tmp
11.11.2006 13:43 0 fla46.tmp
11.11.2006 13:17 0 fla3F.tmp
11.11.2006 11:53 0 fla35.tmp
11.11.2006 10:52 16.384 ~DFC656.tmp
11.11.2006 10:47 2.099.672 1000041.exe
11.11.2006 10:47 16.384 ~DF6E31.tmp
11.11.2006 10:47 975 gjjvhbwu.out
11.11.2006 10:47 128 1000041.exe.sig
11.11.2006 10:08 16.384 ~DF4E78.tmp
11.11.2006 02:10 5.310 plf1.tmp
11.11.2006 01:51 27.926 jusched.log
10.11.2006 17:11 16.384 ~DFF1DD.tmp
10.11.2006 11:07 16.384 ~DFCFF8.tmp
10.11.2006 10:57 16.384 ~DF5DA3.tmp
09.11.2006 15:42 16.384 ~DF6C38.tmp
09.11.2006 14:19 16.206 QTInstallCode.log
09.11.2006 14:18 4.072 qtplugin.log
09.11.2006 10:13 0 ij93D.tmp
09.11.2006 01:36 0 d8y6B.tmp
09.11.2006 01:30 0 fla5E.tmp
09.11.2006 01:12 0 fla5B.tmp
09.11.2006 01:10 0 fla56.tmp
09.11.2006 01:08 0 fla53.tmp
09.11.2006 00:19 16.384 ~DF6CDF.tmp
08.11.2006 20:17 16.384 ~DF1160.tmp
08.11.2006 09:55 0 lr62E.tmp
08.11.2006 09:48 16.384 ~DFC3F2.tmp
08.11.2006 02:16 0 8zi32.tmp
08.11.2006 02:03 16.384 ~DF8EFE.tmp
08.11.2006 00:25 0 fla163.tmp
07.11.2006 22:42 0 spn15B.tmp
07.11.2006 22:35 0 uqv15A.tmp
07.11.2006 01:15 0 fg746.tmp
07.11.2006 00:38 0 92q3F.tmp
07.11.2006 00:27 0 fla39.tmp
06.11.2006 15:53 717 control.xml
06.11.2006 14:59 776.086 IMT1D3.xml
06.11.2006 14:59 426 IMT1D2.xml
06.11.2006 14:59 2.036 IMT1D1.xml
06.11.2006 10:53 16.384 ~DF2E20.tmp
06.11.2006 10:21 0 8on164.tmp
06.11.2006 10:17 0 fla162.tmp
06.11.2006 10:05 0 fla15F.tmp
06.11.2006 10:04 0 fla15D.tmp
05.11.2006 18:47 0 flaF6.tmp
05.11.2006 18:47 0 flaF4.tmp
05.11.2006 18:47 0 flaF3.tmp
05.11.2006 18:45 0 flaF1.tmp
05.11.2006 18:42 0 flaE3.tmp
05.11.2006 18:41 0 flaE1.tmp
05.11.2006 18:41 0 flaDF.tmp
05.11.2006 18:39 0 flaD0.tmp
05.11.2006 18:34 0 flaCB.tmp
05.11.2006 13:55 109 Kon63.tmp
05.11.2006 13:27 46.532 adb30.tmp
05.11.2006 13:26 0 c0vwkefb.err
05.11.2006 11:42 16.384 ~DFC628.tmp
05.11.2006 11:42 16.384 ~DF9FDD.tmp
05.11.2006 09:53 0 gke422.tmp
05.11.2006 02:02 73.535 adb3CF.tmp
05.11.2006 01:43 0 t843B8.tmp
04.11.2006 20:56 14.137 ICQ124.tmp
04.11.2006 20:56 4.990 ICQ123.tmp
04.11.2006 20:54 13.309 ICQ122.tmp
04.11.2006 20:54 4.780 ICQ121.tmp
04.11.2006 18:43 228 gupload.log
04.11.2006 17:25 0 flaE8.tmp
04.11.2006 17:12 0 flaE4.tmp
04.11.2006 17:11 0 flaE2.tmp
04.11.2006 17:09 0 flaD8.tmp
04.11.2006 17:08 0 flaD5.tmp
04.11.2006 17:07 0 flaD2.tmp
04.11.2006 17:06 0 flaCF.tmp
04.11.2006 17:05 0 flaCD.tmp
04.11.2006 17:04 0 flaCA.tmp
04.11.2006 17:03 0 flaC7.tmp
04.11.2006 17:01 0 flaC4.tmp
04.11.2006 15:59 0 6vjAF.tmp
04.11.2006 12:44 16.384 ~DF3D2.tmp
04.11.2006 12:43 0 Kon24.tmp
04.11.2006 11:17 110.865 BWInstall.log
04.11.2006 11:08 16.384 ~DFE25B.tmp
03.11.2006 14:30 16.384 ~DF2EBB.tmp
02.11.2006 21:10 0 flaF0.tmp
02.11.2006 21:10 0 flaED.tmp
02.11.2006 18:52 1.187.012 Holst - 1 Modulkatalog SpeditionLogistik 20.4.05.pdf
02.11.2006 17:54 0 Kon94.tmp
02.11.2006 17:02 24.576 FFPage.exe
02.11.2006 15:25 16.384 ~DFF8C.tmp
02.11.2006 08:01 0 zvz64.tmp
01.11.2006 18:33 16.384 ~DF1CD3.tmp
01.11.2006 07:42 0 at662.tmp
01.11.2006 07:37 0 ayq59.tmp
01.11.2006 07:20 16.384 ~DFACCD.tmp
31.10.2006 16:36 16.384 ~DFC30E.tmp
31.10.2006 09:21 16.384 ~DF6AD6.tmp
29.10.2006 11:51 16.384 ~DFCB0E.tmp
29.10.2006 11:45 0 KonA6.tmp
1747 Datei(en) 224.384.772 Bytes
0 Verzeichnis(se), 13.042.933.760 Bytes frei
Danke im voraus!
Hallo Think - willkommen bei HijackThis.de
ich habe deine Frage aus dem Thread des anderen Users getrennt. Wir halten es hier so, dass jeder User einen eigenen Thread pro Nase und Rechner für sich hat.
Schritt 1
Lade das Programm HijackThis runter.
Schritt 2
Zeige uns bitte das neue HijackThis Logfile.Benenne die installierte Datei Hijackthis.exe um in HJT1991.exe.
Dieses müssen wir tun, da es Malware gibt, die das Programm erkennt und sich ohne es um zu benennen vor ihm versteckt. Jetzt mit einem doppelklick auf die HJT1991.exe starten.
Schritt 3
Lade bitte das Combofix herunter, von einem der folgenden Download Spiegel:
http://download.bleepingcomputer.com/sUBs/combofix.exe
http://www.techsupportforum.com/sectools/combofix.exe
- speichere es auf deinem Desktop.
- Schliesse alle Anwendungen, wenn du das Combofix laufen lässt.
- Wird eine Infektion gefunden, startet das Combofix deinen Rechner automatisch neu auf, um die Entfernung zu vervollständigen.
- Schliesse dieses Fenster bitte nicht, sonst wirst du einen leeren Desktop zurück behalten.
- 1. Mach einen Doppelklick auf die combo.exe und folge den Hinweisen, gib an dieser Stelle ein "y" oder "Y" ein (oder ein "N", wenn du den Fix abbrechen musst).
- 2. Wenn der Scan beendet ist, wird er ein Logfile erstellen, den C:\ComboFix.txt
- 3. Poste den Inhalt dieses Logfiles.
- 4. Starte den Rechner neu auf.
Hinweis:
- Klicke nicht mit der Maus in das Fenster des Combofix während es läuft.
Das könnte dein System einfrieren oder hängen bleiben lassen. Es kann circa eine Viertelstunde dauern, bis der Scan fertig ist.
Schritt 4
Einstellen der Ordner Optionen:
kannst du alles auf deinem Rechner sehen? Überprüfe deine Einstellungen.
Im Windows-Explorer:
>Extras >Ordneroptionen >den Reiter "Ansicht" >Versteckte Dateien und Ordner >"alle Dateien und Ordner anzeigen" aktivieren und >Extras >Ordneroptionen >den Reiter "Ansicht" >Dateien und Ordner >"Geschützte Systemdateien ausblenden (empfohlen)" deaktivieren.
Schritt 5
- Lade das filelist.zip auf deinen Desktop herunter.
- entpacke die Zip-Datei auf deinen Desktop (kostenlose Zip-Tools)
- starte deinen Rechner neu auf
- öffne die nun auf deinem Destop vorhandene filelist.bat mit einem Doppelklick auf die Datei
- dein Editor (Textverarbeitungsprogramm) wird sich öffnen
- markiere von diesem Inhalt aus jedem Verzeichnis jeweils die letzten 30 Tage, wähle kopieren, füge diese Dateien deinem nächsten Beitrag an
- Ein dickes Dankeschön an unseren Moderator Karl83 für die filelist.bat (Anleitung)
Dies sind die Verzeichnisse von denen wir jeweils die letzten 30 Tage sehen wollen:
Verzeichnis von C:\
Verzeichnis von C:\WINDOWS\system32
Verzeichnis von C:\WINDOWS
Verzeichnis von C:\WINDOWS\Prefetch (Windows XP)
Verzeichnis von C:\WINDOWS\tasks
Verzeichnis von C:\WINDOWS\Temp
Verzeichnis von C:\DOCUME~1\Name\LOCALS~1\Temp
Ich habe dafür hier schon einen Post erstellt:
http://forum.hijackthis.de/showthread.php?t=20520
Da ich jetzt noch das Combo machen soll, mache ich alles neu:
HijackThis Log
Code:Logfile of HijackThis v1.99.1 Scan saved at 22:45:06, on 06.12.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\guard.exe C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\Software\Sicherheit\Backup\PowerQuest Drive Image 7.0\Agent\PQV2iSvc.exe C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\Dit.exe C:\Treiber\Laserdrucker\HP\ToolBoxFX\bin\HPTLBXFX.exe C:\Treiber\Laserdrucker\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\DitExp.exe C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\avgas.exe C:\Treiber\Logitech\Profiler\lwemon.exe C:\Treiber\Tastatur\Logitech-Tastatur-Maus\SetPoint\SetPoint.exe c:\progra~1\intern~1\iexplore.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.EXE C:\Software\Internet\Chatprogramme\Trillian\trillian.exe C:\Software\Internet\Browser\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Software\DOKUME~1\MICROS~1\OFFICE11\OUTLOOK.EXE C:\Software\Dokumentenprogramme\Microsoft Office\OFFICE11\WINWORD.EXE C:\Software\Internet\Chatprogramme\Trillian3pro\trillian.exe C:\Programme\Internet Explorer\iexplore.exe C:\Software\Sicherheit\Antispy\hijackthis_199\HJT1991.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.arcor.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.arcor.de R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.arcor.de R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Software\SICHER~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Programme\Xi\NetTransport 2\NTIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [kav] "C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [ToolBoxFX] "C:\Treiber\Laserdrucker\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /systrayIcon:on O4 - HKLM\..\Run: [HP Software Update] C:\Treiber\Laserdrucker\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [browse enc boob bend] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\find help browse enc\Forkgrid.exe O4 - HKLM\..\Run: [SunServer] C:\Software\Sicherheit\Antispy\CounterSpy\sunserver.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Treiber\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [Baitfast] C:\DOKUME~1\Alex\ANWEND~1\OOZESA~1\Dashcool.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Alles mit Net Transport herunterladen - C:\Programme\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Herunterladen mit Net Transport - C:\Programme\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\Software\DOKUME~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash - res://C:\Software\Tuning\Internet\Flash Saving Plugin\FlashSButton.dll/210 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll O9 - Extra 'Tools' menuitem: Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Programme\Gemeinsame Dateien\WebSpeech.4.0\LgxIEBar.dll O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Software\Internet\CHATPR~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Software\Internet\CHATPR~1\ICQ\ICQ.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Software\DOKUME~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE O9 - Extra button: MedionShop - {36AF14E3-8E6A-413E-A01F-360900AD6802} - http://www.medionshop.de (file missing) (HKCU) O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Software\Tuning\Internet\Flash Saving Plugin\FlashSButton.dll (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.medion.de O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120593288687 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123544260187 O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouploader/PhotoUploader.cab O18 - Protocol: bw+0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw+0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw-0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw-0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw00 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw00s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw10 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw10s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw20 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw20s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw30 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw30s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw40 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw40s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw50 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw50s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw60 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw60s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw70 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw70s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw80 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw80s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw90 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bw90s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwa0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwa0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwb0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwb0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwc0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwc0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwd0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwd0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwe0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwe0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwf0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwf0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwg0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwg0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwh0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwh0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwi0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwi0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwj0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwj0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwk0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwk0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwl0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwl0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwm0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwm0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwn0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwn0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwo0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwo0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwp0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwp0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwq0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwq0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwr0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwr0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bws0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bws0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwt0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwt0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwu0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwu0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwv0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwv0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bww0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bww0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwx0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwx0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwy0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwy0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwz0 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: bwz0s - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O18 - Protocol: offline-8876480 - {D5916D69-2CBD-4CD4-BE9A-01629D6BA7A1} - C:\Treiber\Tastatur\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing) O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Software\Sicherheit\Antispy\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Software\Sicherheit\Antivirenprogramme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\GEMEIN~1\SONYSH~1\AVLib\Sptisrv.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: V2i Protector - PowerQuest Corporation - C:\Software\Sicherheit\Backup\PowerQuest Drive Image 7.0\Agent\PQV2iSvc.exe
Geändert von think (06.12.2006 um 22:32 Uhr)
Habe Combofix drüber laufen lassen. PC wurde nicht neu gestartet durch Combofix.
Combofix Log
Code:Alex - 06-12-06 22:48:55,96 Service Pack 1 ComboFix 06.11.27W - Running from: "C:\Dokumente und Einstellungen\Alex\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-11-06 to 2006-12-06 )))))))))))))))))))))))))))))))))) 2006-12-05 17:20 <DIR> d-------- C:\KAV_6.0 2006-12-05 12:37 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2006-12-05 03:46 <DIR> d-------- C:\Programme\WinPcap 2006-12-04 18:05 <DIR> d-------- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Wireshark 2006-11-30 01:16 <DIR> d-------- C:\Programme\Oozesafeball 2006-11-30 01:16 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\find help browse enc 2006-11-30 01:16 <DIR> d-------- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Oozesafeball 2006-11-22 14:24 <DIR> d-------- C:\WINDOWS\$SQLUninstallMDAC28-KB911562-x86-DEU$ 2006-11-21 23:00 0 --a------ C:\WINDOWS\system32\WCp64log.dll 2006-11-21 22:44 1,110,528 --a------ C:\WINDOWS\system32\msxml3.dll 2006-11-21 22:35 1,617,920 --a------ C:\WINDOWS\system32\cdintf250.dll 2006-11-21 22:35 <DIR> d-------- C:\WINDOWS\Hewlett-Packard 2006-11-21 22:31 94,208 --a------ C:\WINDOWS\system32\odbcint.dll 2006-11-21 22:31 73,728 --a------ C:\WINDOWS\system32\DBnetlib.dll 2006-11-21 22:31 73,728 --a------ C:\WINDOWS\system32\cliconfg.dll 2006-11-21 22:31 61,440 --a------ C:\WINDOWS\system32\odbccu32.dll 2006-11-21 22:31 61,440 --a------ C:\WINDOWS\system32\odbccr32.dll 2006-11-21 22:31 44,032 --a------ C:\WINDOWS\system32\msxml3r.dll 2006-11-21 22:31 4,656 --a------ C:\WINDOWS\system32\ds16gt.dll 2006-11-21 22:31 36,864 --a------ C:\WINDOWS\system32\mscpxl32.dll 2006-11-21 22:31 32,768 --a------ C:\WINDOWS\system32\odbcad32.exe 2006-11-21 22:31 28,672 --a------ C:\WINDOWS\system32\DBnmpntw.dll 2006-11-21 22:31 28,672 --a------ C:\WINDOWS\system32\dbmsgnet.dll 2006-11-21 22:31 26,224 --a------ C:\WINDOWS\system32\odbc16gt.dll 2006-11-21 22:31 24,576 --a------ C:\WINDOWS\system32\dbmsvinn.dll 2006-11-21 22:31 24,576 --a------ C:\WINDOWS\system32\dbmsrpcn.dll 2006-11-21 22:31 24,576 --a------ C:\WINDOWS\system32\dbmsadsn.dll 2006-11-21 22:31 20,480 --a------ C:\WINDOWS\system32\msorc32r.dll 2006-11-21 22:31 20,480 --a------ C:\WINDOWS\system32\cliconfg.exe 2006-11-21 22:31 180,800 --a------ C:\WINDOWS\system32\sqlunirl.dll 2006-11-21 22:31 16,384 --a------ C:\WINDOWS\system32\odbc32gt.dll 2006-11-21 22:31 16,384 --a------ C:\WINDOWS\system32\ds32gt.dll 2006-11-21 22:31 147,456 --a------ C:\WINDOWS\system32\odbctrac.dll 2006-11-21 22:31 139,264 --a------ C:\WINDOWS\system32\msorcl32.dll 2006-11-21 22:31 102,400 --a------ C:\WINDOWS\system32\odbccp32.dll 2006-11-21 22:24 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hewlett-Packard 2006-11-21 22:24 <DIR> d-------- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\HP 2006-11-21 22:18 <DIR> d-------- C:\Programme\Hewlett-Packard 2006-11-21 22:11 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2006-11-21 22:11 <DIR> d--h----- C:\Config.Msi 2006-11-21 22:11 <DIR> d-------- C:\Programme\HP 2006-11-11 10:22 51,584 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys 2006-11-11 10:22 24,064 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys 2006-11-11 10:22 22,528 --a------ C:\WINDOWS\system32\drivers\mouclass.sys 2006-11-11 10:22 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2006-11-11 10:22 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2006-11-11 02:12 69,632 --a------ C:\WINDOWS\system32\KemXML.dll 2006-11-11 02:12 3,712 --a------ C:\WINDOWS\system32\drivers\LBeepKE.sys 2006-11-11 02:12 155,648 --a------ C:\WINDOWS\system32\kemutb.dll 2006-11-11 02:12 131,072 --a------ C:\WINDOWS\system32\KemUtil.dll 2006-11-11 02:12 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll 2006-11-11 02:11 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe 2006-11-11 02:11 71,936 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys 2006-11-11 02:11 55,936 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys 2006-11-11 02:11 27,136 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys 2006-11-11 02:11 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys 2006-11-10 17:43 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2006-11-10 17:22 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2006-11-10 17:22 34,560 --a------ C:\WINDOWS\system32\drivers\hidclass.sys 2006-11-10 17:22 23,680 --a------ C:\WINDOWS\system32\drivers\hidparse.sys 2006-11-10 17:18 5,600 --a------ C:\WINDOWS\system32\drivers\WmVirHid.sys 2006-11-10 17:18 44,064 --a------ C:\WINDOWS\system32\drivers\WmXlCore.sys 2006-11-10 17:18 21,280 --a------ C:\WINDOWS\system32\drivers\WmFilter.sys 2006-11-10 17:18 163,840 --a------ C:\WINDOWS\system32\WmJoyFrc.dll 2006-11-10 17:18 10,144 --a------ C:\WINDOWS\system32\drivers\WmBEnum.sys 2006-11-09 14:20 <DIR> d-------- C:\Programme\iPod 2006-11-09 14:16 <DIR> d-------- C:\Programme\QuickTime (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-05 17:18 -------- d-------- C:\Programme\FreePDF 2006-12-02 23:19 -------- d-------- C:\Programme\Gemeinsame Dateien 2006-12-02 21:50 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-12-02 21:45 -------- d-------- C:\Programme\Medion 2006-12-02 11:58 -------- d-------- C:\Programme\ICQToolbar 2006-11-29 02:07 -------- d-------- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Skype 2006-11-23 00:39 -------- d-------- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Adobe 2006-11-22 17:29 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe 2006-11-22 17:21 -------- d-------- C:\Programme\Adobe 2006-11-11 00:32 -------- d-------- C:\Programme\Gemeinsame Dateien\Logitech 2006-11-05 14:11 -------- d-------- C:\Programme\Mozilla Firefox 2006-11-04 22:16 737280 --a------ C:\WINDOWS\iun6002.exe 2006-10-29 18:55 -------- d-------- C:\Programme\Apple Software Update 2006-10-15 23:30 -------- d-------- C:\Programme\MSXML 4.0 2006-10-12 21:21 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys 2006-10-12 21:21 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys 2006-09-19 15:43 109360 --a------ C:\WINDOWS\system32\GEARAspi.dll 2006-09-12 16:51 1245184 --a------ C:\WINDOWS\system32\msxml4.dll 2006-09-10 14:56 296 --a------ C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\zi.cfg 2006-09-09 21:06 131584 --a------ C:\WINDOWS\system32\SpoonUninstall.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Start WingMan Profiler"="\"C:\\Treiber\\Logitech\\Profiler\\lwemon.exe\" /noui" "Baitfast"="C:\\DOKUME~1\\Alex\\ANWEND~1\\OOZESA~1\\Dashcool.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "kav"="\"C:\\Software\\Sicherheit\\Antivirenprogramme\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\"" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "SoundMan"="SOUNDMAN.EXE" "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "Dit"="Dit.exe" "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" @="" "ToolBoxFX"="\"C:\\Treiber\\Laserdrucker\\HP\\ToolBoxFX\\bin\\HPTLBXFX.exe\" /enum:on /alerts:on /systrayIcon:on" "HP Software Update"="C:\\Treiber\\Laserdrucker\\HP\\HP Software Update\\HPWuSchd2.exe" "browse enc boob bend"="C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\find help browse enc\\Forkgrid.exe" "SunServer"="C:\\Software\\Sicherheit\\Antispy\\CounterSpy\\sunserver.exe" "!AVG Anti-Spyware"="\"C:\\Software\\Sicherheit\\Antispy\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,84,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,74,00,00,00,00,00,00,00,8c,04,00,00,de,03,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,74,00,00,00,00,00,00,00,8c,04,00,00,de,03,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Alex^Startmenü^Programme^Autostart^Desktop-Alarm.lnk] "path"="C:\\Dokumente und Einstellungen\\Alex\\Startmenü\\Programme\\Autostart\\Desktop-Alarm.lnk" "backup"="C:\\WINDOWS\\pss\\Desktop-Alarm.lnkStartup" "location"="Startup" "command"="D:\\EIGENE~1\\DOWNLO~1\\DESKTO~1.EXE " "item"="Desktop-Alarm" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Alex^Startmenü^Programme^Autostart^MBM 5.lnk] "path"="C:\\Dokumente und Einstellungen\\Alex\\Startmenü\\Programme\\Autostart\\MBM 5.lnk" "backup"="C:\\WINDOWS\\pss\\MBM 5.lnkStartup" "location"="Startup" "command"="C:\\Treiber\\MOTHER~1\\MBM5.exe " "item"="MBM 5" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk] "path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Adobe Reader - Schnellstart.lnk" "backup"="C:\\WINDOWS\\pss\\Adobe Reader - Schnellstart.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE " "item"="Adobe Reader - Schnellstart" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccG160] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AccG160" "hkey"="HKLM" "command"="C:\\Software\\Internet\\Wlan\\WLANQU~1\\AccG160.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Agent" "hkey"="HKLM" "command"="C:\\Programme\\Medion\\PowerCinema\\My_TV\\Agent.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLMIcon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AOLMIcon" "hkey"="HKCU" "command"="C:\\Programme\\Gemeinsame Dateien\\AOLSHARE\\AOLMIcon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVGCtrl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AVGNT" "hkey"="HKLM" "command"="\"C:\\Software\\Sicherheit\\Antivirenprogramme\\AVPersonal\\AVGNT.EXE\" /min" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ElbyCheck" "hkey"="HKLM" "command"="\"C:\\Software\\Burning\\Elaborate Bytes\\CloneCD\\ElbyCheck.exe\" /L ElbyCDFL" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CloneCDTray" "hkey"="HKLM" "command"="\"C:\\Software\\Burning\\CloneCD\\CloneCDTray.exe\" /s" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop-Alarm] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="desktop-alarm" "hkey"="HKCU" "command"="D:\\Eigene Dateien\\Downloads\\desktop-alarm.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreePDFAssistent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreePDFA" "hkey"="HKLM" "command"="C:\\Programme\\FreePDF\\FreePDFA.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKey" "hkey"="HKLM" "command"="C:\\WINDOWS\\Twain_32\\SlimU2\\HotKey.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ICQLite" "hkey"="HKLM" "command"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Software\\Multimedia\\iTunes\\iTunesHelper.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="\\Program\\" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KHALMNPR" "hkey"="HKLM" "command"="KHALMNPR.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxtorOneTouch] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OneTouch" "hkey"="HKLM" "command"="C:\\Treiber\\MAXTOR~1\\Utils\\OneTouch.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MXO Auto Loader] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MXOALDR" "hkey"="HKLM" "command"="C:\\WINDOWS\\MXOALDR.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBJ" "hkey"="HKCU" "command"="\"C:\\Software\\Burning\\Nero\\Nero BackItUp\\NBJ.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvCpl" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvMcTray" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRTCLK] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NVRTClk" "hkey"="HKLM" "command"="C:\\WINDOWS\\System32\\NVRTCLK\\NVRTClk.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVDServ" "hkey"="HKLM" "command"="C:\\Programme\\CyberLink\\PowerDVD\\PDVDServ.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Siemens SmartSync - ScheduleSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SCHEDU~1" "hkey"="HKLM" "command"="C:\\Software\\CONNEC~1\\MOBILE~1\\SMARTS~1\\SCHEDU~1.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "command"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLAN Quick-Starter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WLAN Quick-Starter" "hkey"="HKLM" "command"="\"C:\\Software\\Internet\\Wlan\\WLAN Quick-Starter\\WLAN Quick-Starter.exe\" -update" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTouch" "hkey"="HKLM" "command"="C:\\Treiber\\Tastatur\\Logitech\\iTouch\\iTouch.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll" ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20061205-132713-742 R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) backup-20061205-132436-719 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local., Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\B349AD939356297B.job Completion time: 06-12-06 22:51:12.70 C:\ComboFix.txt ... 06-12-06 22:51
Geändert von think (06.12.2006 um 22:07 Uhr)
Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)
Berechtigungen
